Single Sign On (SSO) (also known as Enterprise Single Sign On or “ESSO”) is the ability for a user to enter the same ID and password to log on to multiple applications. Current single sign on identity and access management solutions include industry standard protocols like SAML and OAuth to issue identity assertions (such as tokens, cookies, etc.) to user devices for subsequent access to application servers. These issued identity assertions may have a limited lifetime, or time to live (TTL). Limiting the TTL prevents the assertions from being abused or otherwise compromising the security of the overall system (e.g., when a mobile device is lost or stolen during the assertion lifetime).
There is a user experience benefit to having longer assertion lifetimes. Thus there is a trade-off today: the user benefits from longer assertion lifetimes, but system security is improved with shorter lifetimes. It would be beneficial for a user to increase assertion lifetimes without increasing the likelihood of the assertion being abused.
Skilled artisans will appreciate that elements in the figures are illustrated for simplicity and clarity and have not necessarily been drawn to scale. For example, the dimensions and/or relative positioning of some of the elements in the figures may be exaggerated relative to other elements to help to improve understanding of various embodiments of the present invention. Also, common but well-understood elements that are useful or necessary in a commercially feasible embodiment are often not depicted in order to facilitate a less obstructed view of these various embodiments of the present invention. It will further be appreciated that certain actions and/or steps may be described or depicted in a particular order of occurrence while those skilled in the art will understand that such specificity with respect to sequence is not actually required.